summaryrefslogtreecommitdiff
path: root/source3/rpc_client
diff options
context:
space:
mode:
Diffstat (limited to 'source3/rpc_client')
-rw-r--r--source3/rpc_client/cli_connect.c31
-rw-r--r--source3/rpc_client/cli_samr.c16
-rw-r--r--source3/rpc_client/msrpc_samr.c100
3 files changed, 134 insertions, 13 deletions
diff --git a/source3/rpc_client/cli_connect.c b/source3/rpc_client/cli_connect.c
index d2d23864c3..d9ae71e6c9 100644
--- a/source3/rpc_client/cli_connect.c
+++ b/source3/rpc_client/cli_connect.c
@@ -308,6 +308,21 @@ BOOL cli_pol_link(POLICY_HND *to, const POLICY_HND *from)
get a user session key associated with a connection associated with a
policy handle.
****************************************************************************/
+BOOL cli_get_con_usr_sesskey(struct cli_connection *con, uchar usr_sess_key[16])
+{
+ if (con == NULL)
+ {
+ return False;
+ }
+ memcpy(usr_sess_key, con->cli->usr.pwd.sess_key, 16);
+
+ return True;
+}
+
+/****************************************************************************
+get a user session key associated with a connection associated with a
+policy handle.
+****************************************************************************/
BOOL cli_get_con_sesskey(struct cli_connection *con, uchar sess_key[16])
{
if (con == NULL)
@@ -347,6 +362,22 @@ BOOL cli_con_get_srvname(struct cli_connection *con, char *srv_name)
get a user session key associated with a connection associated with a
policy handle.
****************************************************************************/
+BOOL cli_get_usr_sesskey(const POLICY_HND *pol, uchar usr_sess_key[16])
+{
+ struct cli_connection *con = NULL;
+
+ if (!cli_connection_get(pol, &con))
+ {
+ return False;
+ }
+
+ return cli_get_con_usr_sesskey(con, usr_sess_key);
+}
+
+/****************************************************************************
+get a user session key associated with a connection associated with a
+policy handle.
+****************************************************************************/
BOOL cli_get_sesskey(const POLICY_HND *pol, uchar sess_key[16])
{
struct cli_connection *con = NULL;
diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c
index f4308c2107..0c3da6801a 100644
--- a/source3/rpc_client/cli_samr.c
+++ b/source3/rpc_client/cli_samr.c
@@ -954,15 +954,15 @@ BOOL samr_delete_dom_alias( POLICY_HND *alias_pol)
/****************************************************************************
do a SAMR Create Domain User
****************************************************************************/
-BOOL samr_create_dom_user( POLICY_HND *domain_pol, const char *acct_name,
+uint32 samr_create_dom_user( POLICY_HND *domain_pol, const char *acct_name,
uint32 unk_0, uint32 unk_1,
POLICY_HND *user_pol, uint32 *rid)
{
prs_struct data;
prs_struct rdata;
+ uint32 status = NT_STATUS_INVALID_PARAMETER | 0xC0000000;
SAMR_Q_CREATE_USER q_o;
- BOOL valid_pol = False;
if (user_pol == NULL || domain_pol == NULL || acct_name == NULL || rid == NULL) return False;
@@ -987,26 +987,30 @@ BOOL samr_create_dom_user( POLICY_HND *domain_pol, const char *acct_name,
samr_io_r_create_user("", &r_o, &rdata, 0);
p = rdata.offset != 0;
+ status = r_o.status;
if (p && r_o.status != 0)
{
/* report error code */
DEBUG(4,("SAMR_R_CREATE_USER: %s\n", get_nt_error_msg(r_o.status)));
- p = False;
+ p = r_o.status != NT_STATUS_USER_EXISTS;
}
if (p)
{
memcpy(user_pol, &r_o.user_pol, sizeof(r_o.user_pol));
*rid = r_o.user_rid;
- valid_pol = cli_pol_link(user_pol, domain_pol);
+ if (!cli_pol_link(user_pol, domain_pol))
+ {
+ status = NT_STATUS_INVALID_HANDLE | 0xC0000000;
+ }
}
}
prs_mem_free(&data );
prs_mem_free(&rdata );
- return valid_pol;
+ return status;
}
/****************************************************************************
@@ -1632,7 +1636,7 @@ BOOL samr_query_lookup_domain( POLICY_HND *pol, const char *dom_name,
do a SAMR Query Lookup Names
****************************************************************************/
BOOL samr_query_lookup_names( POLICY_HND *pol, uint32 flags,
- uint32 num_names, char **names,
+ uint32 num_names, const char **names,
uint32 *num_rids,
uint32 rid[MAX_LOOKUP_SIDS],
uint32 type[MAX_LOOKUP_SIDS])
diff --git a/source3/rpc_client/msrpc_samr.c b/source3/rpc_client/msrpc_samr.c
index a2806463b5..f6148571aa 100644
--- a/source3/rpc_client/msrpc_samr.c
+++ b/source3/rpc_client/msrpc_samr.c
@@ -995,27 +995,111 @@ uint32 msrpc_sam_enum_aliases( const char* srv_name,
/****************************************************************************
do a SAMR create domain user
****************************************************************************/
-BOOL create_samr_domain_user( POLICY_HND *pol_open_domain,
+BOOL create_samr_domain_user( POLICY_HND *pol_dom,
const char *acct_name, uint16 acb_info,
+ const char* password,
uint32 *rid)
{
POLICY_HND pol_open_user;
BOOL ret = True;
+ BOOL res1 = True;
+ char pwbuf[516];
+ char randompw[24];
+ int plen = 0;
+ SAM_USER_INFO_24 *p24;
+ SAM_USER_INFO_16 *p16;
+ SAM_USER_INFO_16 usr16;
- if (pol_open_domain == NULL || acct_name == NULL) return False;
+ if (pol_dom == NULL || acct_name == NULL) return False;
/* send create user */
- if (!samr_create_dom_user( pol_open_domain,
+ ret = samr_create_dom_user( pol_dom,
acct_name, acb_info, 0xe005000b,
- &pol_open_user, rid))
+ &pol_open_user, rid);
+
+ if (ret == 0x0)
+ {
+ samr_close(&pol_open_user);
+ }
+
+ if (ret != 0 && ret != (NT_STATUS_USER_EXISTS | 0xC0000000))
{
return False;
}
+ if (ret == (NT_STATUS_USER_EXISTS | 0xC0000000))
+ {
+ uint32 num_rids;
+ const char *names[1];
+ uint32 type[1];
+
+ names[0] = acct_name;
+ res1 = samr_query_lookup_names( pol_dom, 0x3e8,
+ 1, names,
+ &num_rids, rid, type);
+ if (res1 == False || type[0] != SID_NAME_USER)
+ {
+ return False;
+ }
+ }
+
DEBUG(5,("create_samr_domain_user: name: %s rid 0x%x\n",
acct_name, *rid));
- return samr_close(&pol_open_user) && ret;
+ if (IS_BITS_SET_SOME(acb_info, ACB_NORMAL | ACB_DOMTRUST) &&
+ password == NULL)
+ {
+ return True;
+ }
+
+ if (password == NULL)
+ {
+ generate_random_buffer(randompw, sizeof(randompw), True);
+ password = randompw;
+ plen = sizeof(randompw);
+ }
+ else
+ {
+ plen = strlen(password);
+ }
+ encode_pw_buffer(pwbuf, password, plen, False);
+
+ p24 = (SAM_USER_INFO_24*)malloc(sizeof(SAM_USER_INFO_24));
+ if (p24 == NULL)
+ {
+ return False;
+ }
+
+ make_sam_user_info24(p24, pwbuf, plen);
+
+ res1 = set_samr_set_userinfo( pol_dom, 0x18, *rid, (void*)p24);
+
+ if (res1 == False)
+ {
+ return False;
+ }
+
+ /* send set user info */
+ res1 = get_samr_query_userinfo( pol_dom, 0x10, *rid, (void*)&usr16);
+
+ if (res1 == False)
+ {
+ return False;
+ }
+
+ if (usr16.acb_info != acb_info)
+ {
+ p16 = (SAM_USER_INFO_16 *) malloc(sizeof(SAM_USER_INFO_16));
+ if (p16 == NULL)
+ {
+ return False;
+ }
+ p16->acb_info = usr16.acb_info;
+
+ res1 = set_samr_set_userinfo2( pol_dom, 0x10, *rid, (void*)p16);
+ }
+
+ return res1;
}
/****************************************************************************
@@ -1440,7 +1524,8 @@ BOOL get_samr_query_aliasinfo(
SAM create domain user.
****************************************************************************/
BOOL msrpc_sam_create_dom_user(const char* srv_name, DOM_SID *sid1,
- char *acct_name, uint16 acb_info,
+ const char *acct_name, uint16 acb_info,
+ const char *password,
uint32 *rid)
{
BOOL res = True;
@@ -1464,7 +1549,8 @@ BOOL msrpc_sam_create_dom_user(const char* srv_name, DOM_SID *sid1,
/* create a domain user */
res2 = res1 ? create_samr_domain_user(
&pol_dom,
- acct_name, acb_info, &user_rid) : False;
+ acct_name,
+ acb_info, password, &user_rid) : False;
res1 = res1 ? samr_close( &pol_dom) : False;
res = res ? samr_close( &sam_pol) : False;